Bug 173901

Summary: kasan disables kmemleak
Product: Other
Reporter: CAI Qian (caiqian)
Component: Other
Assignee: other_other
Status: RESOLVED CODE_FIX
Severity: normal
CC: catalin.marinas, dvyukov, luto
Priority: P1
Hardware: All
OS: Linux
Kernel Version: 4.8-rc8
Subsystem:
Regression: No
Bisected commit-id:

Description CAI Qian 2016-09-29 19:25:54 UTC
If both kasan and kmemleak are enabled, kmemleak will eventually be disabled shortly after starting LTP tests from an overlayfs backed by xfs.

[  397.822121]  [<ffffffff8166fd90>] ? kmemleak_disable+0x90/0x90
[  397.828630]  [<ffffffff8162a0a6>] ? kasan_unpoison_shadow+0x36/0x50

kernel config,
http://people.redhat.com/qcai/tmp/config-kasan

Full trace,
[  397.400447] WARNING: CPU: 25 PID: 11689 at lib/stackdepot.c:119 depot_save_stack+0x38b/0x490
[  397.409863] Stack depot reached limit capacity
[  397.414626] Modules linked in: ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 xt_addrtype iptable_filter xt_conntrack nf_nat nf_conntrack br_netfilter bridge stp llc overlay intel_rapl sb_edac edac_core x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel lrw gf128mul glue_helper ablk_helper iTCO_wdt cryptd iTCO_vendor_support pcspkr i2c_i801 i2c_smbus mei_me sg lpc_ich mei shpchp wmi ipmi_ssif ipmi_si ipmi_msghandler acpi_power_meter acpi_pad nfsd auth_rpcgss nfs_acl lockd grace sunrpc ip_tables xfs libcrc32c sr_mod cdrom sd_mod crc32c_intel mgag200 i2c_algo_bit drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm drm ixgbe ahci libahci mdio ptp i2c_core libata pps_core dca fjes dm_mirror dm_region_hash dm_log dm_mod
[  397.500326] CPU: 25 PID: 11689 Comm: ver_linux Tainted: G    B           4.8.0-rc8+ #4
[  397.509161] Hardware name: Intel Corporation S2600WTT/S2600WTT, BIOS GRNDSDP1.86B.0044.R00.1501191641 01/19/2015
[  397.520516]  0000000000000000 00000000322093fb ffff8803d470e9c8 ffffffff81a617c1
[  397.528810]  ffff8803d470ea40 0000000000000000 ffff8803d470ea10 ffffffff8118c7d2
[  397.537103]  00000000010640e0 ffff880300000077 ffffed007a8e1d44 000000000000001e
[  397.545397] Call Trace:
[  397.548128]  [<ffffffff81a617c1>] dump_stack+0x85/0xc4
[  397.553857]  [<ffffffff8118c7d2>] __warn+0x172/0x1b0
[  397.559396]  [<ffffffff8118c8c4>] warn_slowpath_fmt+0xb4/0xf0
[  397.565808]  [<ffffffff8118c810>] ? __warn+0x1b0/0x1b0
[  397.571543]  [<ffffffff81b1f9fb>] depot_save_stack+0x38b/0x490
[  397.578055]  [<ffffffff8162a005>] save_stack+0xb5/0xd0
[  397.583790]  [<ffffffff810bcc1b>] ? save_stack_trace+0x2b/0x50
[  397.590298]  [<ffffffff81629f96>] ? save_stack+0x46/0xd0
[  397.596225]  [<ffffffff8162a20d>] ? kasan_kmalloc+0xad/0xe0
[  397.602444]  [<ffffffff8162a742>] ? kasan_slab_alloc+0x12/0x20
[  397.608952]  [<ffffffff816255da>] ? kmem_cache_alloc+0xda/0x310
[  397.615605]  [<ffffffffa07e1621>] ? kmem_zone_alloc+0x81/0x180 [xfs]
[  397.622725]  [<ffffffffa0778be5>] ? _xfs_buf_alloc+0x35/0xec0 [xfs]
[  397.629748]  [<ffffffffa077d646>] ? xfs_buf_get_map+0x556/0x980 [xfs]
[  397.636955]  [<ffffffffa078090d>] ? xfs_buf_read_map+0x2d/0x6c0 [xfs]
[  397.644173]  [<ffffffffa0823c1e>] ? xfs_trans_read_buf_map+0x2ce/0xbc0 [xfs]
[  397.652067]  [<ffffffffa06e9462>] ? xfs_da_read_buf+0x212/0x370 [xfs]
[  397.659280]  [<ffffffffa06e95e3>] ? xfs_da3_node_read+0x23/0x170 [xfs]
[  397.666591]  [<ffffffffa06eed7a>] ? xfs_da3_node_lookup_int+0x22a/0xf70 [xfs]
[  397.674582]  [<ffffffffa0720fb4>] ? xfs_dir2_node_lookup+0x134/0x750 [xfs]
[  397.682280]  [<ffffffffa06fca70>] ? xfs_dir_lookup+0x6c0/0x9a0 [xfs]
[  397.689400]  [<ffffffffa07bf8ce>] ? xfs_lookup+0x11e/0x470 [xfs]
[  397.696131]  [<ffffffffa07b4bba>] ? xfs_vn_lookup+0x18a/0x1f0 [xfs]
[  397.703127]  [<ffffffff816b0e48>] ? lookup_slow+0x248/0x440
[  397.709335]  [<ffffffff816b12ae>] ? lookup_one_len_unlocked+0x26e/0x2e0
[  397.716719]  [<ffffffffa0bfdd39>] ? ovl_lookup+0x179/0x14d0 [overlay]
[  397.723905]  [<ffffffff816b0e48>] ? lookup_slow+0x248/0x440
[  397.730124]  [<ffffffff816bcdb8>] ? walk_component+0x768/0x10b0
[  397.736728]  [<ffffffff816bf0b5>] ? path_lookupat+0x135/0x410
[  397.743140]  [<ffffffff816c31ab>] ? filename_lookup+0x17b/0x390
[  397.749745]  [<ffffffff816c34e6>] ? user_path_at_empty+0x36/0x40
[  397.756450]  [<ffffffff8169dc38>] ? vfs_fstatat+0xa8/0x130
[  397.762570]  [<ffffffff8169ebf3>] ? SYSC_newstat+0x83/0xe0
[  397.768691]  [<ffffffff8169ef0e>] ? SyS_newstat+0xe/0x10
[  397.774620]  [<ffffffff81007a06>] ? do_syscall_64+0x1a6/0x500
[  397.781035]  [<ffffffff826cbebf>] ? entry_SYSCALL64_slow_path+0x25/0x25
[  397.788418]  [<ffffffff81670341>] ? create_object+0x5b1/0x970
[  397.794831]  [<ffffffff8120c90e>] ? preempt_count_sub+0x5e/0xe0
[  397.801436]  [<ffffffff826cbbfa>] ? _raw_write_unlock_irqrestore+0x4a/0x80
[  397.809109]  [<ffffffff81670341>] ? create_object+0x5b1/0x970
[  397.815524]  [<ffffffff8135f163>] ? __module_address+0x43/0x390
[  397.822121]  [<ffffffff8166fd90>] ? kmemleak_disable+0x90/0x90
[  397.828630]  [<ffffffff8162a0a6>] ? kasan_unpoison_shadow+0x36/0x50
[  397.835623]  [<ffffffff8162a20d>] kasan_kmalloc+0xad/0xe0
[  397.841647]  [<ffffffff8162a742>] kasan_slab_alloc+0x12/0x20
[  397.847962]  [<ffffffff816255da>] kmem_cache_alloc+0xda/0x310
[  397.854405]  [<ffffffffa07e1621>] kmem_zone_alloc+0x81/0x180 [xfs]
[  397.861331]  [<ffffffffa0778be5>] _xfs_buf_alloc+0x35/0xec0 [xfs]
[  397.868160]  [<ffffffffa077cbd3>] ? _xfs_buf_find+0x903/0xe20 [xfs]
[  397.875183]  [<ffffffffa077d646>] xfs_buf_get_map+0x556/0x980 [xfs]
[  397.882197]  [<ffffffffa06e4910>] ? xfs_da3_node_read_verify+0x330/0x330 [xfs]
[  397.890277]  [<ffffffffa078090d>] xfs_buf_read_map+0x2d/0x6c0 [xfs]
[  397.897263]  [<ffffffff826cb5fa>] ? _raw_spin_unlock_irqrestore+0x4a/0x80
[  397.904870]  [<ffffffffa0823c1e>] xfs_trans_read_buf_map+0x2ce/0xbc0 [xfs]
[  397.912570]  [<ffffffffa06e9462>] xfs_da_read_buf+0x212/0x370 [xfs]
[  397.919564]  [<ffffffff8162a20d>] ? kasan_kmalloc+0xad/0xe0
[  397.925781]  [<ffffffff8162a742>] ? kasan_slab_alloc+0x12/0x20
[  397.932316]  [<ffffffffa06e9250>] ? xfs_da3_root_split.isra.12+0xf30/0xf30 [xfs]
[  397.940600]  [<ffffffffa07b4bba>] ? xfs_vn_lookup+0x18a/0x1f0 [xfs]
[  397.947594]  [<ffffffff816b12ae>] ? lookup_one_len_unlocked+0x26e/0x2e0
[  397.954977]  [<ffffffffa0bfdd39>] ? ovl_lookup+0x179/0x14d0 [overlay]
[  397.962163]  [<ffffffff816b0e48>] ? lookup_slow+0x248/0x440
[  397.968380]  [<ffffffff816bcdb8>] ? walk_component+0x768/0x10b0
[  397.974986]  [<ffffffff816bf0b5>] ? path_lookupat+0x135/0x410
[  397.981398]  [<ffffffff816c31ab>] ? filename_lookup+0x17b/0x390
[  397.988002]  [<ffffffff816c34e6>] ? user_path_at_empty+0x36/0x40
[  397.994705]  [<ffffffff8169ebf3>] ? SYSC_newstat+0x83/0xe0
[  398.000825]  [<ffffffff8169ef0e>] ? SyS_newstat+0xe/0x10
[  398.006753]  [<ffffffff81007a06>] ? do_syscall_64+0x1a6/0x500
[  398.013166]  [<ffffffff826cbebf>] ? entry_SYSCALL64_slow_path+0x25/0x25
[  398.020548]  [<ffffffff81670341>] ? create_object+0x5b1/0x970
[  398.026961]  [<ffffffff8120c90e>] ? preempt_count_sub+0x5e/0xe0
[  398.033565]  [<ffffffff826cbbfa>] ? _raw_write_unlock_irqrestore+0x4a/0x80
[  398.041266]  [<ffffffffa06e95e3>] xfs_da3_node_read+0x23/0x170 [xfs]
[  398.048381]  [<ffffffffa06eed7a>] xfs_da3_node_lookup_int+0x22a/0xf70 [xfs]
[  398.056178]  [<ffffffffa06eeb50>] ? xfs_da3_node_toosmall+0xbc0/0xbc0 [xfs]
[  398.063949]  [<ffffffff816256ff>] ? kmem_cache_alloc+0x1ff/0x310
[  398.070682]  [<ffffffffa07e1621>] ? kmem_zone_alloc+0x81/0x180 [xfs]
[  398.077799]  [<ffffffffa0720fb4>] xfs_dir2_node_lookup+0x134/0x750 [xfs]
[  398.085304]  [<ffffffffa06fb8cf>] ? xfs_dir2_isleaf+0x9f/0x210 [xfs]
[  398.092420]  [<ffffffffa0720e80>] ? xfs_dir2_node_addname+0x590/0x590 [xfs]
[  398.100220]  [<ffffffffa07bcac6>] ? xfs_ilock+0x246/0x340 [xfs]
[  398.106854]  [<ffffffffa07bcc13>] ? xfs_ilock_data_map_shared+0x53/0xa0 [xfs]
[  398.114845]  [<ffffffffa06fca70>] xfs_dir_lookup+0x6c0/0x9a0 [xfs]
[  398.121768]  [<ffffffffa06fc3b0>] ? xfs_dir_canenter+0x30/0x30 [xfs]
[  398.128861]  [<ffffffff812917cd>] ? down_read_nested+0x4d/0xc0
[  398.135398]  [<ffffffffa07bcaed>] ? xfs_ilock+0x26d/0x340 [xfs]
[  398.142029]  [<ffffffffa07bcaed>] ? xfs_ilock+0x26d/0x340 [xfs]
[  398.148664]  [<ffffffffa07bf8ce>] xfs_lookup+0x11e/0x470 [xfs]
[  398.155201]  [<ffffffffa07bf7b0>] ? xfs_ip2xflags+0xe0/0xe0 [xfs]
[  398.161995]  [<ffffffff816dfa40>] ? __d_lookup_rcu+0x940/0x940
[  398.168533]  [<ffffffffa07b4bba>] xfs_vn_lookup+0x18a/0x1f0 [xfs]
[  398.175362]  [<ffffffffa07b4a30>] ? xfs_vn_link+0x240/0x240 [xfs]
[  398.182163]  [<ffffffff816b0d4f>] ? lookup_slow+0x14f/0x440
[  398.188383]  [<ffffffff816b0e48>] lookup_slow+0x248/0x440
[  398.194406]  [<ffffffff816b0c00>] ? lookup_one_len+0x390/0x390
[  398.200913]  [<ffffffff816e10de>] ? __d_lookup+0x3e/0x5e0
[  398.206937]  [<ffffffff816e1265>] ? __d_lookup+0x1c5/0x5e0
[  398.213056]  [<ffffffff816e10de>] ? __d_lookup+0x3e/0x5e0
[  398.219080]  [<ffffffff816ae0ef>] ? lookup_dcache+0x1f/0xf0
[  398.225296]  [<ffffffff816e1713>] ? d_lookup+0x93/0xd0
[  398.231027]  [<ffffffff816ae0ef>] ? lookup_dcache+0x1f/0xf0
[  398.237247]  [<ffffffff816b12ae>] lookup_one_len_unlocked+0x26e/0x2e0
[  398.244435]  [<ffffffff816b1040>] ? lookup_slow+0x440/0x440
[  398.250656]  [<ffffffffa0bfdd39>] ovl_lookup+0x179/0x14d0 [overlay]
[  398.257640]  [<ffffffff816b0d4f>] ? lookup_slow+0x14f/0x440
[  398.263859]  [<ffffffff816b0e48>] lookup_slow+0x248/0x440
[  398.269882]  [<ffffffff816b0c00>] ? lookup_one_len+0x390/0x390
[  398.276391]  [<ffffffff818c5101>] ? selinux_inode_permission+0x251/0x410
[  398.283870]  [<ffffffff816bcdb8>] walk_component+0x768/0x10b0
[  398.290281]  [<ffffffff816aee13>] ? __inode_permission+0xb3/0x2b0
[  398.297081]  [<ffffffff816bc650>] ? follow_dotdot_rcu+0xb90/0xb90
[  398.303881]  [<ffffffff816bd88a>] ? link_path_walk+0x18a/0x1780
[  398.310486]  [<ffffffff816bd700>] ? walk_component+0x10b0/0x10b0
[  398.317189]  [<ffffffff8167018a>] ? create_object+0x3fa/0x970
[  398.323601]  [<ffffffff816bf0b5>] path_lookupat+0x135/0x410
[  398.329820]  [<ffffffff816c31ab>] filename_lookup+0x17b/0x390
[  398.336232]  [<ffffffff816c3030>] ? filename_parentat+0x410/0x410
[  398.343033]  [<ffffffff81629f04>] ? kasan_check_write+0x14/0x20
[  398.349641]  [<ffffffff81b1e197>] ? strncpy_from_user+0x77/0x270
[  398.356334]  [<ffffffff816c27f2>] ? getname_flags+0x102/0x510
[  398.362746]  [<ffffffff816c34e6>] user_path_at_empty+0x36/0x40
[  398.369254]  [<ffffffff8169dc38>] vfs_fstatat+0xa8/0x130
[  398.375182]  [<ffffffff8169db90>] ? vfs_fstat+0x60/0x60
[  398.381016]  [<ffffffff813cfcc5>] ? __audit_syscall_entry+0x325/0x6f0
[  398.388205]  [<ffffffff813cfcc5>] ? __audit_syscall_entry+0x325/0x6f0
[  398.395393]  [<ffffffff8169ef00>] ? SyS_fstat+0x10/0x10
[  398.401224]  [<ffffffff8169ebf3>] SYSC_newstat+0x83/0xe0
[  398.407151]  [<ffffffff8169eb70>] ? cp_new_stat+0x550/0x550
[  398.413368]  [<ffffffff81004a70>] ? exit_to_usermode_loop+0x170/0x170
[  398.420554]  [<ffffffff813d07c5>] ? __audit_syscall_exit+0x735/0x9f0
[  398.427644]  [<ffffffff810068cd>] ? syscall_slow_exit_work+0x23d/0x2a0
[  398.434928]  [<ffffffff8169ef0e>] SyS_newstat+0xe/0x10
[  398.440662]  [<ffffffff81007a06>] do_syscall_64+0x1a6/0x500
[  398.446880]  [<ffffffff8100401a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[  398.454068]  [<ffffffff826cbebf>] entry_SYSCALL64_slow_path+0x25/0x25
Comment 1 Catalin Marinas 2016-10-05 15:58:41 UTC
This warning seems to be generated by depot_alloc_stack() and is not related to kmemleak. Is there any message from kmemleak in the kernel log which says why it was disabled? In general, a kmemleak_disable() call would be accompanied by a pr_warn() with more information.
Comment 2 CAI Qian 2016-10-10 17:36:44 UTC
So I retested this on today's mainline HEAD. Although kmemleak remains enabled after bootup, the kernel won't survive any kernel compilation workload.

[  130.392553] kasan: CONFIG_KASAN_INLINE enabled
[  130.397517] kasan: GPF could be caused by NULL-ptr deref or user memory access
[  130.405581] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[  130.412382] Modules linked in: intel_rapl sb_edac edac_core x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel lrw gf128mul glue_helper ablk_helper cryptd iTCO_wdt iTCO_vendor_support pcspkr mxm_wmi i2c_i801 i2c_smbus sg mei_me mei lpc_ich shpchp ipmi_ssif ipmi_si ipmi_msghandler wmi acpi_power_meter acpi_pad nfsd auth_rpcgss nfs_acl lockd grace sunrpc ip_tables xfs libcrc32c sr_mod cdrom sd_mod mgag200 i2c_algo_bit drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops crc32c_intel ttm ixgbe drm serio_raw ahci libahci mdio libata ptp i2c_core pps_core dca fjes dm_mirror dm_region_hash dm_log dm_mod
[  130.480996] CPU: 82 PID: 799 Comm: kmemleak Tainted: G    B           4.8.0+ #3
[  130.489156] Hardware name: Intel Corporation S2600WTT/S2600WTT, BIOS GRRFSDP1.86B.0271.R00.1510301446 10/30/2015
[  130.500513] task: ffff880824298000 task.stack: ffff8808242a0000
[  130.507121] RIP: 0010:[<ffffffff81677ee0>]  [<ffffffff81677ee0>] scan_block+0xb0/0x460
[  130.515976] RSP: 0018:ffff8808242a7d20  EFLAGS: 00010046
[  130.521905] RAX: dffffc0000000000 RBX: ffff880824298000 RCX: 0000000000000001
[  130.529868] RDX: 1ffff10104854fc8 RSI: 0000000000000000 RDI: ffff8808242a7e40
[  130.537830] RBP: ffff8808242a7d78 R08: 0000000000000001 R09: 0000000000000001
[  130.545793] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000007ff9
[  130.553756] R13: 1ffff10104853368 R14: ffff880824298000 R15: 0000000000000000
[  130.561720] FS:  0000000000000000(0000) GS:ffff880e5ed80000(0000) knlGS:0000000000000000
[  130.570749] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  130.577161] CR2: 00007f65eceae990 CR3: 0000000002e0a000 CR4: 00000000003406e0
[  130.585124] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  130.593086] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  130.601049] Stack:
[  130.603292]  0000000000000000 ffffffff82e090d8 ffff880824299b40 ffff880e4994c9c0
[  130.611589]  0000000000000292 0000000000000000 ffff8807fb08c200 dffffc0000000000
[  130.619886]  ffff8807fb08c200 0000000001080000 ffffea0042000000 ffff8808242a7de8
[  130.628179] Call Trace:
[  130.630910]  [<ffffffff81679907>] kmemleak_scan+0xb37/0xf50
[  130.637119]  [<ffffffff81678e08>] ? kmemleak_scan+0x38/0xf50
[  130.643435]  [<ffffffff81679d20>] ? kmemleak_scan+0xf50/0xf50
[  130.649849]  [<ffffffff81679d9e>] kmemleak_scan_thread+0x7e/0xd0
[  130.656554]  [<ffffffff811f6e02>] kthread+0x222/0x2e0
[  130.662182]  [<ffffffff811f6be0>] ? kthread_park+0x80/0x80
[  130.668304]  [<ffffffff811f6be0>] ? kthread_park+0x80/0x80
[  130.674424]  [<ffffffff811f6be0>] ? kthread_park+0x80/0x80
[  130.680548]  [<ffffffff826f93ba>] ret_from_fork+0x2a/0x40
[  130.686571] Code: df 41 0f b6 44 05 00 84 c0 74 08 3c 03 0f 8e 84 03 00 00 4c 89 fe 83 ab 40 1b 00 00 01 48 b8 00 00 00 00 00 fc ff df 48 c1 ee 03 <80> 3c 06 00 0f 85 30 03 00 00 49 8d be 40 1b 00 00 48 be 00 00 
[  130.708363] RIP  [<ffffffff81677ee0>] scan_block+0xb0/0x460
[  130.714591]  RSP <ffff8808242a7d20>
[  130.718536] ---[ end trace 7f1b35189505276b ]---
[  130.723688] Kernel panic - not syncing: Fatal exception
[  131.794896] Shutting down cpus with NMI
[  131.799190] Kernel Offset: disabled
[  131.803108] ---[ end Kernel panic - not syncing: Fatal exception
[  131.809833] ------------[ cut here ]------------
[  131.814992] WARNING: CPU: 82 PID: 799 at arch/x86/kernel/smp.c:125 native_smp_send_reschedule+0x89/0xa0
[  131.825476] Modules linked in: intel_rapl sb_edac edac_core x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel lrw gf128mul glue_helper ablk_helper cryptd iTCO_wdt iTCO_vendor_support pcspkr mxm_wmi i2c_i801 i2c_smbus sg mei_me mei lpc_ich shpchp ipmi_ssif ipmi_si ipmi_msghandler wmi acpi_power_meter acpi_pad nfsd auth_rpcgss nfs_acl lockd grace sunrpc ip_tables xfs libcrc32c sr_mod cdrom sd_mod mgag200 i2c_algo_bit drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops crc32c_intel ttm ixgbe drm serio_raw ahci libahci mdio libata ptp i2c_core pps_core dca fjes dm_mirror dm_region_hash dm_log dm_mod
[  131.894064] CPU: 82 PID: 799 Comm: kmemleak Tainted: G    B D         4.8.0+ #3
[  131.902222] Hardware name: Intel Corporation S2600WTT/S2600WTT, BIOS GRRFSDP1.86B.0271.R00.1510301446 10/30/2015
[  131.913578]  ffff880e5ed87cb0 ffffffff81a6a6e1 0000000000000000 0000000000000000
[  131.921874]  ffff880e5ed87cf8 ffffffff8118e3f2 0000000000000046 ffffffff0000007d
[  131.930171]  0000000000000003 0000000000000003 0000000000022fc0 0000000000022fc0
[  131.938466] Call Trace:
[  131.941193]  <IRQ>  [<ffffffff81a6a6e1>] dump_stack+0x85/0xc4
[  131.947630]  [<ffffffff8118e3f2>] __warn+0x172/0x1b0
[  131.953170]  [<ffffffff8118e61d>] warn_slowpath_null+0x1d/0x20
[  131.959681]  [<ffffffff810efa79>] native_smp_send_reschedule+0x89/0xa0
[  131.966967]  [<ffffffff8126b1c3>] trigger_load_balance+0x563/0xa10
[  131.973865]  [<ffffffff8126ada7>] ? trigger_load_balance+0x147/0xa10
[  131.980956]  [<ffffffff812275c4>] scheduler_tick+0x1b4/0x300
[  131.987276]  [<ffffffff8134e9d0>] ? tick_sched_do_timer+0xf0/0xf0
[  131.994082]  [<ffffffff8131f7a7>] update_process_times+0x47/0x60
[  132.000785]  [<ffffffff8134d139>] tick_sched_handle.isra.16+0x49/0xe0
[  132.007972]  [<ffffffff8134ea39>] tick_sched_timer+0x69/0xe0
[  132.014288]  [<ffffffff81321c96>] __hrtimer_run_queues+0x2f6/0xbf0
[  132.021186]  [<ffffffff81323d7e>] ? hrtimer_interrupt+0x13e/0x480
[  132.027987]  [<ffffffff813219a0>] ? retrigger_next_event+0x150/0x150
[  132.035076]  [<ffffffff81323d7e>] ? hrtimer_interrupt+0x13e/0x480
[  132.041877]  [<ffffffff81323de2>] hrtimer_interrupt+0x1a2/0x480
[  132.048485]  [<ffffffff810f7c53>] local_apic_timer_interrupt+0x73/0xf0
[  132.055771]  [<ffffffff826fbf3b>] smp_apic_timer_interrupt+0x7b/0xa0
[  132.062861]  [<ffffffff826fafd6>] apic_timer_interrupt+0x96/0xa0
[  132.069562]  <EOI>  [<ffffffff81503a6b>] ? panic+0x2d1/0x311
[  132.075895]  [<ffffffff81503a64>] ? panic+0x2ca/0x311
[  132.081532]  [<ffffffff8150379a>] ? percpu_up_read_preempt_enable.constprop.33+0xb9/0xb9
[  132.090566]  [<ffffffff812d184d>] ? kmsg_dump+0x22d/0x310
[  132.096592]  [<ffffffff8109a5f0>] oops_end+0xc0/0xd0
[  132.102131]  [<ffffffff8109aabb>] die+0x4b/0x70
[  132.107187]  [<ffffffff8109499f>] do_general_protection+0x20f/0x3b0
[  132.114183]  [<ffffffff826fa668>] general_protection+0x28/0x30
[  132.120694]  [<ffffffff81677ee0>] ? scan_block+0xb0/0x460
[  132.126718]  [<ffffffff81679907>] kmemleak_scan+0xb37/0xf50
[  132.132937]  [<ffffffff81678e08>] ? kmemleak_scan+0x38/0xf50
[  132.139253]  [<ffffffff81679d20>] ? kmemleak_scan+0xf50/0xf50
[  132.145666]  [<ffffffff81679d9e>] kmemleak_scan_thread+0x7e/0xd0
[  132.152369]  [<ffffffff811f6e02>] kthread+0x222/0x2e0
[  132.158005]  [<ffffffff811f6be0>] ? kthread_park+0x80/0x80
[  132.164127]  [<ffffffff811f6be0>] ? kthread_park+0x80/0x80
[  132.170248]  [<ffffffff811f6be0>] ? kthread_park+0x80/0x80
[  132.176369]  [<ffffffff826f93ba>] ret_from_fork+0x2a/0x40
[  132.182392] ---[ end trace 7f1b35189505276c ]---
Comment 3 Catalin Marinas 2016-10-11 16:58:40 UTC
The latest kernel dump seems to be unrelated to the original one. I can indeed trigger it with the latest kernel but I'm not sure it depends on KASan. It seems that task_stack_page() returns NULL occasionally (maybe caused by the recent vmap stack changes on x86; I'll add some debug printks to kmemleak and re-test).
Comment 4 Catalin Marinas 2016-10-11 17:15:17 UTC
Commit 68f24b08ee89 ("sched/core: Free the stack early if CONFIG_THREAD_INFO_IN_TASK") causes the task->stack to be set to NULL. I'll have to check if this happens while read_lock(&tasklist_lock) but from the commit log, it seems that it might be possible.
Comment 5 Andy Lutomirski 2016-10-14 18:43:43 UTC
I didn't do anything to intentionally prevent it.  The right way to fix it should be to use try_get_task_stack().
Comment 6 Catalin Marinas 2016-10-17 09:42:40 UTC
I fixed it in this patch:

http://lkml.kernel.org/r/1476266223-14325-1-git-send-email-catalin.marinas@arm.com

If Cai is no longer seeing any issues, we could close this bug.
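The following is an added userspace model of the race described in comments 4 to 6, written for this page; it is not kernel code and not the patch linked in comment 6. It models a task whose stack is released early (the pointer cleared once the last reference drops, as comment 4 describes) and a scanner that walks every task's stack. The scanner follows the pattern comment 5 recommends: pin the stack with try_get_task_stack(), skip tasks whose stack is already gone, and hold the reference across the scan so a concurrent exit cannot free it underneath. THREAD_SIZE, the refcount layout, the scan_block() stand-in and the planted addresses are assumptions made for the model.

```c
/*
 * Userspace model of the kmemleak vs. early-freed task stack race.
 * Assumptions for the model: a 16 KiB stack, a per-task refcount that
 * stands in for task_struct::stack_refcount, and a scan_block() that only
 * counts words equal to one target address.
 */
#include <stdatomic.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define THREAD_SIZE 16384 /* assumed per-task stack size for the model */

struct task {
    void *stack;               /* NULL once the stack has been released */
    atomic_int stack_refcount; /* models task_struct::stack_refcount */
};

static struct task *task_create(void)
{
    struct task *t = calloc(1, sizeof *t);
    if (!t)
        abort();
    t->stack = calloc(1, THREAD_SIZE);
    if (!t->stack)
        abort();
    atomic_init(&t->stack_refcount, 1); /* the task's own reference */
    return t;
}

/* Drop one reference; the last one frees the stack and clears the pointer,
 * which is the early release an exiting task performs (comment 4). */
static void put_task_stack(struct task *t)
{
    if (atomic_fetch_sub(&t->stack_refcount, 1) == 1) {
        free(t->stack);
        t->stack = NULL;
    }
}

/* The task exits: its own stack reference goes away before the task does. */
static void task_exit(struct task *t)
{
    put_task_stack(t);
}

static void task_destroy(struct task *t)
{
    if (t->stack)
        task_exit(t);
    free(t);
}

/* Take a reference only if the stack is still alive (inc-not-zero). */
static void *try_get_task_stack(struct task *t)
{
    int old = atomic_load(&t->stack_refcount);
    while (old != 0) {
        if (atomic_compare_exchange_weak(&t->stack_refcount, &old, old + 1))
            return t->stack;
    }
    return NULL;
}

/* Plant a pointer-sized value at a byte offset of a task's stack. */
static void stack_store(struct task *t, size_t off, uintptr_t value)
{
    memcpy((unsigned char *)t->stack + off, &value, sizeof value);
}

/* Count aligned words in [start, end) equal to target: a stand-in for
 * kmemleak's scan_block() looking for references to a tracked object. */
static size_t scan_block(const void *start, const void *end, uintptr_t target)
{
    size_t hits = 0;
    for (const unsigned char *p = start;
         p + sizeof(uintptr_t) <= (const unsigned char *)end;
         p += sizeof(uintptr_t)) {
        uintptr_t v;
        memcpy(&v, p, sizeof v);
        if (v == target)
            hits++;
    }
    return hits;
}

/* Scan all task stacks. exit_during_scan, if non-NULL, is a task that exits
 * while its stack is being scanned; the held reference keeps it mapped.
 * Without try_get_task_stack() the scanner would start from a NULL stack. */
static size_t scan_task_stacks(struct task **tasks, size_t n, uintptr_t target,
                               struct task *exit_during_scan)
{
    size_t hits = 0;
    for (size_t i = 0; i < n; i++) {
        void *stack = try_get_task_stack(tasks[i]);
        if (!stack)
            continue; /* stack already released: skip, do not dereference */
        if (tasks[i] == exit_during_scan)
            task_exit(tasks[i]);
        hits += scan_block(stack, (unsigned char *)stack + THREAD_SIZE, target);
        put_task_stack(tasks[i]);
    }
    return hits;
}

/* Scenario 1: one task exited before the scan. Its stack is skipped and the
 * three references planted in the live stacks are found. Returns 3. */
size_t demo_scan_with_exited_task(void)
{
    const uintptr_t target = 0xffff880824299b40ull; /* constructed address */
    struct task *t[3] = { task_create(), task_create(), task_create() };
    stack_store(t[0], 64, target);
    stack_store(t[1], 128, target);
    stack_store(t[1], 4096, target);
    stack_store(t[2], 8, target);
    task_exit(t[2]); /* stack freed early, t[2]->stack is now NULL */
    size_t hits = scan_task_stacks(t, 3, target, NULL);
    for (int i = 0; i < 3; i++)
        task_destroy(t[i]);
    return hits;
}

/* Scenario 2: a task exits in the middle of the scan. The scanner's reference
 * keeps its stack alive (4 hits), the stack is freed once the scanner drops
 * the reference, and a rescan finds only the remaining 2. Returns 1 on that
 * behaviour, 0 otherwise. */
int demo_exit_during_scan(void)
{
    const uintptr_t target = 0xffff8807fb08c200ull; /* constructed address */
    struct task *t[3] = { task_create(), task_create(), task_create() };
    stack_store(t[0], 64, target);
    stack_store(t[1], 128, target);
    stack_store(t[1], 4096, target);
    stack_store(t[2], 8, target);
    size_t first = scan_task_stacks(t, 3, target, t[1]);
    int freed_after_scan = (t[1]->stack == NULL);
    size_t second = scan_task_stacks(t, 3, target, NULL);
    for (int i = 0; i < 3; i++)
        task_destroy(t[i]);
    return first == 4 && freed_after_scan && second == 2;
}

int main(void)
{
    printf("hits with one exited task: %zu\n", demo_scan_with_exited_task());
    printf("exit during scan handled: %d\n", demo_exit_during_scan());
    return 0;
}
```

The model deliberately has no unsafe scanner: scanning from a NULL task->stack is exactly the general protection fault in comment 2, and the point of the pattern is that try_get_task_stack() turns that into a skipped task, while the paired put_task_stack() after scan_block() is what keeps an exit in the middle of the walk from freeing the memory under the scanner.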
Comment 7 CAI Qian 2016-10-17 13:54:12 UTC
Yes, everything works fine now.
Comment 8 Dmitry Vyukov 2018-01-10 09:09:53 UTC
CAI, please close this bug as it's fixed now. This still shows up as STATUS:NEW bug for KASAN.